<?php

/*
 * This file will perform the ajax for creating a department-position, which also inserts in security group.
 * This is being used by admCreateDeptPos.php.
 * 
 * Created by: Peter Agno Jr.
 * Date created: November 29, 2011
 * 
 * In parameters: positionId, positionName, and secGrpIds
 * Out parameters: flag and msg about the success of creation of department-position
 */

//********************************************************************************************************
/*
 * Define the functions in here
 */  
    // Start - Check if the deptPosId is existing
    function idNotExist($departmentId, $positionId) {
        $query =
            "
                SELECT *
                FROM Department_Position
                WHERE departmentId = '$departmentId' AND positionId = '$positionId'
            ";
        
        $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
        
        if ( mysql_num_rows($result) == 0 ) {
            return true;
        }
        else {
            return false;
        }
    } // End - Check if the deptPosId is existing
    
    // Start - Insert data in Position
    function createPos($positionId, $positionName) {
        $query =
            "
                INSERT INTO Position (positionId, positionName, positionLastUpdated) VALUES
                    ('$positionId', '$positionName', NULL);
            ";

        mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
    } // End - Insert data in Position
    
    // Start - Insert data in Department_Position
    function createDeptPos($departmentId, $positionId) {
        $query =
            "
                INSERT INTO Department_Position (departmentId, positionId) VALUES
                    ('$departmentId', '$positionId');
            ";

        mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
    } // End - Insert data in Department_Position
    
    // Start - Insert data in Dept_Pos_SecurityGroup
    function createDeptPosSecGrp($departmentId, $positionId, $secGrpIds) {
        $secGrpIds = explode(",", $secGrpIds);
        
        // Get the deptPosId
        $query =
            "
                SELECT *
                FROM Department_Position
                WHERE departmentId = '$departmentId' AND positionId = '$positionId'
            ";
        
        $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
        $row = mysql_fetch_array($result);
        $deptPosId = $row['deptPosId'];
        
        // Insert data in Dept_Pos_SecurityGroup
        for ( $x = 0 ; $x < count($secGrpIds) - 1 ; $x++ ) {
            $query =
            "
                INSERT INTO Dept_Pos_SecurityGroup (deptPosId, securityGroupId) VALUES
                    ('$deptPosId', '$secGrpIds[$x]');
            ";

            mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
        }

    } // End - Insert data in Dept_Pos_SecurityGroup
    
    // Start - Check if the positionId is existing
    function posIdNotExist($positionId) {
        $query =
            "
                SELECT *
                FROM Position
                WHERE positionId = '$positionId'
            ";
        
        $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
        
        if ( mysql_num_rows($result) == 0 ) {
            return true;
        }
        else {
            return false;
        }
    } // End - Check if the positionId is existing
    
    // Start - Get the existing Id of this to be added positionId, for memory efficiency
    function getExistingId($positionId) {
        $query =
            "
                SELECT *
                FROM Position
                WHERE positionId = '$positionId'
            ";
        
        $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
        $row = mysql_fetch_array($result);
        return $row['positionId'];
    } // End - Get the existing Id of this to be added positionId, for memory efficiency
    
//********************************************************************************************************

session_start();

// Start - Checker for those users who will just go to the page by typing directly in the url.
if ($_POST) {
    include('../includes/siteConfig.php');
    
    // connect to database
    $connect = mysql_connect($hostName,$rootName,$dBasePassword) or die ('Unable to connect!');
    mysql_select_db($dBaseName) or die ('Unable to select database!');
    
    // Get the data from post
    $departmentId = $_POST['departmentId'];
    $positionId = $_POST['positionId'];
    $departmentName = $_POST['departmentName'];
    $positionName = $_POST['positionName'];
    $secGrpIds = $_POST['secGrpIds'];
    $positionFlag = $_POST['positionFlag'];
    
    if ( $positionFlag == "addPos" ) {
        $addPosId = $_POST['addPosId'];
        $addPosName = $_POST['addPosName'];
    }
    
    if ( $positionFlag == "existPos" && idNotExist($departmentId, $positionId) == true ) {
        // Create data if the position is already existing
        createDeptPos($departmentId, $positionId);  // Create data in Department_Position table
        createDeptPosSecGrp($departmentId, $positionId, $secGrpIds); // Create data in Dept_Pos_SecurityGroup table

        $jsondata = array();
        $jsondata['msg'] =  $positionName." of ".$departmentName." department was successfully created.";
        $jsondata['flag'] = "success";
        $feed[] = $jsondata;
        echo json_encode($feed);
    }
    else if ( $positionFlag == "addPos" ) {
        // Create data if the position is new
        
        // Check if the positionId is existing
        if ( posIdNotExist($addPosId) == true ) {
            createPos($addPosId, $addPosName); // Create data in Position table
        }
        else {
            // Get the existing Id of this to be added positionId, for memory efficiency
            $addPosId = getExistingId($addPosId); 
        }
        
            createDeptPos($departmentId, $addPosId);  // Create data in Department_Position table
            createDeptPosSecGrp($departmentId, $addPosId, $secGrpIds); // Create data in Dept_Pos_SecurityGroup table

            $jsondata = array();
            $jsondata['msg'] =  $addPosName." of ".$departmentName." department was successfully created.";
            $jsondata['flag'] = "success";
            $feed[] = $jsondata;
            echo json_encode($feed);
    }
    else {
        $jsondata = array();
        $jsondata['msg'] = "Error : Creating the position was not successful.";
        $jsondata['flag'] = "error";
        $feed[] = $jsondata;
        echo json_encode($feed);
    }
    
    mysql_close($connect);
}   // End - Checker for those users who will just go to the page by typing directly in the url.
else {
    echo "You are not authorized to view this page. This incident will be reported immediately.";
}
?>
